Username: That is actually the real username. If you do not specify a username in your login or create request, then Kinvey will assign a random identifier. This is what you see. Can you share your SDK code for creating a user?

Password: One-way hash that you cannot decrypt.

Also: If you have a js framework, please do not use direct REST calls but intsead use our javascript SDK's (e.g. angular, html5, phonegap, etc.)

Email codedump link for How to decrypt username and password which is encrypted by Kinvey